AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 1
AT&T IP Flexible Reach Service and
AT&T IP Toll-Free on AT&T VPN Service
Customer Edge Router (CER)
Customer Configuration Guide for
AT&T IP Flexible Reach Service and
AT&T IP Toll-Free on AT&T VPN Service
as the Underlying Transport Service
Cisco ASR 1001, 1002, 1002X, 1004, 1006 Platforms
November 25, 2015
Version 2.5
© 2014 AT&T Intellectual Property. All rights reserved.
AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies.
All other marks contained herein are the property of their respective owners.
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 2
Table of Contents
1 INTRODUCTION ......................................................................................................................................... 4
1.1 OVERVIEW .............................................................................................................................................. 4 1.1.1 Access Types ...................................................................................................................................... 5 1.1.2 Software Information ......................................................................................................................... 6 1.1.3 Supported Hardware ......................................................................................................................... 7
1.2 NETWORK TOPOLOGY ............................................................................................................................. 9 1.2.1 AT&T Certified IP-PBX’s ................................................................................................................10
1.3 SPECIAL CONSIDERATIONS ....................................................................................................................12
2 NETWORK DESIGN ...................................................................................................................................12
2.1 BANDWIDTH ALLOCATION .....................................................................................................................12 2.1.1 Simultaneous Voice Calls .................................................................................................................12 2.1.2 Per Call Bandwidth ..........................................................................................................................13 2.1.3 Bandwidth Reduction Techniques ....................................................................................................14 2.1.4 Putting It Together ...........................................................................................................................15
2.2 SPECIAL ENGINEERING GUIDELINES FOR ETHERNET ACCESS ................................................................16
3 TRAFFIC CLASSIFICATION AND QUEUING TECHNIQUES ..........................................................17
3.1 CLASSIFICATION ....................................................................................................................................18 3.2 QUEUING OPTIONS .................................................................................................................................18 3.3 TRAFFIC SHAPING ..................................................................................................................................19
4 CUSTOMER EDGE ROUTER (CER) CONFIGURATIONS SPECIFIC TO COS AND WAN
INTERFACE ..........................................................................................................................................................20
4.1 CLASSIFICATION ....................................................................................................................................20 4.2 LLQ/CBWFQ SET UP AND PACKET MARKING ......................................................................................22
4.2.1 PPP access (T3/E3 speeds) ..............................................................................................................22 4.2.2 OC3 ATM .........................................................................................................................................23 4.2.3 T3/E3 Frame Relay Encapsulation...................................................................................................24 4.2.4 OC3/OC12/OC48 POS access .........................................................................................................24 4.2.5 OC3/OC12 Frame Relay Encapsulation ..........................................................................................27 4.2.6 Ethernet Access ................................................................................................................................28 4.2.7 CoS6 Example ..................................................................................................................................28
4.3 FRAME RELAY TRAFFIC SHAPING FOR FRAME RELAY INTERFACES ONLY ..............................................29 4.4 INTERFACE CONFIGURATION .................................................................................................................29
4.4.1 PPP access (T3/E3 speeds) ..............................................................................................................30 4.4.2 OC3 ATM .........................................................................................................................................31 4.4.3 T3/E3 Frame Relay Encapsulation...................................................................................................32 4.4.4 OC3 PPP Access .............................................................................................................................34 4.4.5 OC3/OC12 Frame Relay Encapsulation ..........................................................................................35 4.4.6 OC48 Frame Relay Encapsulation (Port-Based COS) ....................................................................36 4.4.7 10 or 100 Mbit/s Ethernet Access ....................................................................................................37 4.4.8 Gigabit Ethernet Access ...................................................................................................................39
A.1 SAMPLE T3 PPP ROUTER CONFIGURATION ...................................................................................................41 A.2 SAMPLE OC3 PPP ROUTER CONFIGURATION ................................................................................................45 A.3 SAMPLE GIGABIT ETHERNET ROUTER CONFIGURATION ................................................................................48 A.4 SAMPLE OC48 PPP ROUTER CONFIGURATION – PORT-BASED COS (ASR 1004 / 1006 ONLY) .....................53 A.5 SAMPLE OC48 FRAME ENCAP CONFIG (MULTI-VRF) – PORT-BASED COS (ASR 1004 / 1006 ONLY) ............57 A.6 SAMPLE 10GIG ETHERNET ROUTER CONFIGURATION – PVC-BASED COS (ASR1004 / 1006 ONLY) ............62
APPENDIX B: INBOUND ALTERNATE ROUTING .......................................................................................66
APPENDIX C: BRANCH OFFICE EXTENSION (BOE) ................................................................................66
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 3
C.1 INTRODUCTION TO BOE .............................................................................................................................66 C.2 IMPLEMENTATION CHECKLIST ...................................................................................................................69 C.3 EMERGENCY SERVICES ...............................................................................................................................70 C.4 TROUBLESHOOTING .....................................................................................................................................70
APPENDIX D: ACRONYMS ...............................................................................................................................72
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 4
1 Introduction This Customer Configuration Guide (“CCG”) provides recommended guidelines for configuring the Customer-managed Customer Edge Router (CER) for use with AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN Service as the Underlying Transport Service. CERs can be utilized for either one of those services or for both services simultaneously. Please ensure your system set-up is consistent with the recommended specifications provided in this document. AT&T reserves the right to modify or update its guidelines at any time without notice so please check the following link to be sure you have the latest version of this document (http://www.corp.att.com/bvoip/avpn/implementation/ (login: att, password: attvoip)). You may also wish to consult with your AT&T technical sales representative.
1.1 Overview AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free over AT&T VPN as the underlying transport are AT&T Business Voice over IP (BVoIP) services. AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN support network based Class of Service (CoS) which will work in conjunction with edge router configurations to provide the Quality of Service (QoS) that voice traffic requires. Four classes or six classes are available, including a Real Time class that will strictly prioritize voice packets over other data packets. Prioritizing voice packets helps to assure low latency for voice to meet delay budget constraints. This document should be used solely as a general configuration guideline. The Customer is solely responsible for determining the appropriate configuration of their specific environment; AT&T provides resources to assist with that configuration, please contact your AT&T technical support for assistance if needed.
Configuration examples in this guide are provided for informational purposes only. The example configurations may be mapped to a variety of vendor implementations, check with your AT&T technical support manager if you have any questions.
Note: The configuration examples provided in this document are based upon Cisco IOS features, however, the features are NOT described in their entirety; and may vary across hardware platforms and versions of IOS. Please refer to the appropriate Cisco documentation relative to your IOS features.
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 5
1.1.1 Access Types
Following are the access types that can be ordered on the ASR Router:
Access Type Speed (bit/s) Supported Platforms
T3 PPP Access 5M to 45M ASR 1001, 1002, 1004, 1006
E3 PPP Access 5M to 34M ASR 1001, 1002, 1004, 1006
T3 Frame Relay Encapsulation 5M to 45M ASR 1001, 1002, 1004, 1006
E3 Frame Relay Encapsulation 5M to 34M ASR 1001, 1002, 1004, 1006
OC3 ATM 50M, 75M, 100M, 155M
ASR 1001, 1002, 1004, 1006
OC3 PPP access 50M, 75M, 100M, 155M
ASR 1001, 1002, 1004, 1006
OC3 Frame Relay Encapsulation 50M, 75M, 100M, 155M
ASR 1001, 1002, 1004, 1006
OC12 PPP access
100M, 200M, 300M, 400M, 622M
ASR 1001, 1002, 1004, 1006
OC12 Frame Relay Encapsulation
100M, 200M, 300M, 400M, 622M
ASR 1001, 1002, 1004, 1006
OC48 PPP access 2.4G ASR 1004/1006
only
OC48 Frame Relay Encapsulation 2.4G ASR 1004/1006
only
Ethernet Access types:
Access Type Speed (bit/s) Supported Platforms
10 Base-T
Access Link, VPN port and VLAN speeds (in Mbits): .5, 1, 1.5, 2, 3, 4, 5, 6, 7, 8, 9, 10
ASR 1001, 1002
100 Base-T or FX
Access Link, VPN port and VLAN speeds (in Mbits): .5, 1, 1.5, 2, 3, 4, 5, 6, 7, 8, 9, 10, 20, 30, 40, 50, 60, 70, 80, 90, 100
ASR 1001, 1002
1000 Base LX or SX
Access Link, VPN port and VLAN speeds (in Mbits): .5, 1, 1.5, 2, 3, 4, 5, 6, 7, 8, 9, 10, 20, 30, 40, 50, 60, 70, 80, 90, 100, 150, 200, 250, 400, 400, 450, 500, 600, 700, 800, 900, 1000)
ASR 1001, 1002, 1002X, 1004, 1006
10 Gigabit Ethernet LX or SX
Access Link, VPN port and VLAN speeds:
ASR 1002X, 1004, 1006
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 6
1.1.2 Software Information
1.1.2.1 ASR 1001
ASR 1001 - CER only
ASR 1001 configurations in this guide were tested with Cisco IOS-XE Release 15.3.3S1 with
ESP-2.5.
The ASR 1001 IOS XE files is asr1001-universalk9.03.10.01.S.153-3.S1-ext.bin.
OR
ASR 1001 - CER or combined CER/CUBE 1.4
ASR 1001 configurations in this guide were tested with Cisco IOS-XE Release 15.1.1S1 with
ESP-2.5.
The ASR 1001 IOS XE file is asr1001-universalk9.03.02.01.S.151-1.S1.bin.
1.1.2.2 ASR 1002
ASR 1002 - CER only
ASR 1002 configurations in this guide were tested with Cisco IOS-XE Release 15.3.3S1 with
ESP-5.
The 1002 IOS XE file is asr1000rp1-adventerprisek9.03.07.06.S.152-4.S6.bin
OR
ASR 1002 - CER or combined CER/CUBE1.4
ASR 1002 configurations in this guide were tested with Cisco IOS-XE Release 15.1.1S1 with
ESP-5.
The 1002 IOS XE file is asr1000rp1-adventerprisek9.03.02.00.S.151-1.S1.bin
1.1.2.3 ASR 1002X
ASR 1002X – CER only
ASR 1002X configurations in this guide were tested with Cisco IOS-XE Release 15.3.3S1 with
ESP-5.
The 1002X IOS XE file is asr1002x-universalk9.03.10.01.S.153-3.S1-ext.SPA.bin
The IOS XE is run from the bootflash, which is the internal compact flash memory.
The 1002X was tested with 4GB of DRAM.
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 7
1.1.2.4 ASR 1004/1006
ASR 1004/1006 - CER only ASR 1004/1006 configurations in this guide were tested with Cisco IOS Software, IOS-XE
Software (X86_64_LINUX_IOSD-ADVENTERPRISEK9-M), Version 15.3(3)S1. The
1004/1006 IOS XE file is asr1000rp1-adventerprisek9.03.10.01.S.153-3.S1-ext.bin
OR
ASR 1004/1006 - CER only ASR 1004/1006 configurations in this guide were tested with Cisco IOS Software, IOS-XE
Software (X86_64_LINUX_IOSD-ADVENTERPRISEK9-M), Version 15.1(3)S2, CUST-
SPECIAL:V151_3_S2_SR617255895_3
The 1004/1006 IOS XE file is asr1000rp2-adventerprisek9.V151_3_S2_SR617255895_3.bin
1.1.3 Supported Hardware
1.1.3.1 ASR 1001
ESP-2.5/5, SIP10, RP1
Supported Interface Cards:
o SPA-1XOC12-POS 1-port OC12/STM4 POS Shared Port Adapters
o SPA-2XOC3-POS 2-port OC3/STM1 POS Shared Port Adapters
o SPA-4XOC3-POS 4-port OC3/STM1 POS Shared Port Adapters
o SPA-1XOC3-ATM-V2 1-port OC3/STM1 ATM Shared Port Adapter
o SPA-2XT3/E3 2-port Clear Channel T3/E3 Shared Port Adapter
o SPA-2X1GE-V2 Cisco 2-Port Gigabit Ethernet Shared Port Adapter
o SPA-4X1FETX-V2 Cisco 4-Port Fast Ethernet (TX) Shared Port Adapter
o SPA-8X1FETX-V2 Cisco 8-Port Fast Ethernet (TX) Shared Port Adapter
The following SFPs are supported for Gigabit Ethernet ports:
o SFP-GE-T
o SFP-GE-S
o SFP-GE-L
o SFP-GE-Z
1.1.3.2 ASR 1002
ESP-5, SIP10, RP1
Supported Interface Cards:
o SPA-1XOC12-POS 1-port OC12/STM4 POS Shared Port Adapters
o SPA-2XOC3-POS 2-port OC3/STM1 POS Shared Port Adapters
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 8
o SPA-4XOC3-POS 4-port OC3/STM1 POS Shared Port Adapters
o SPA-1XOC3-ATM-V2 1-port OC3/STM1 ATM Shared Port Adapter
o SPA-2XT3/E3 2-port Clear Channel T3/E3 Shared Port Adapter
o SPA-2X1GE-V2 Cisco 2-Port Gigabit Ethernet Shared Port Adapter
o SPA-4X1FETX-V2 Cisco 4-Port Fast Ethernet (TX) Shared Port Adapter
o SPA-8X1FETX-V2 Cisco 8-Port Fast Ethernet (TX) Shared Port Adapter
The following SFPs are supported for Gigabit Ethernet ports:
o SFP-GE-T
o SFP-GE-S
o SFP-GE-L
o SFP-GE-Z
1.1.3.3 ASR 1002X
ESP-5, 10, 20 and 36; SIP40, and RP1
Supported Interface Cards:
SPA-1x10GE-L-V2 or SPA-1x10GE-WL-V2: 1-Port 10-Gigabit Ethernet SPA (Note:
The SPA-1x10GE-WL-V2 card is used only if 192 framing is required at the customer
location.)
o XFP-10G-MM-SR
o XFP-10GLR-OC192SR
Six built-in Gigabit Ethernet SFP’s
o SFP-GE-T
o SFP-GE-S
1.1.3.4 ASR 1004
ESP-40, SIP40, and RP-2
Supported Interface Cards:
SPA-1X10GE-L-V2 Cisco 1-Port 10 Gigabit Ethernet Shared Port Adapter, Version 2
o XFP-10GLR-OC192SR
o XFP-10GER-OC192IR
o XFP-10GZR-OC192LR
o XFP-10G-MM-SR
SPA-10X1GE-V2 Cisco 10-Port Gigabit Ethernet Shared Port Adapter, Version 2
o SFP-GE-S
o SFP-GE-L
o SFP-GE-Z
SPA-2X1GE-V2 Cisco 2-Port Gigabit Ethernet Shared Port Adapter, Version 2
o SFP-GE-S
o SFP-GE-L
o SFP-GE-Z
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 9
1.1.3.5 ASR 1006
ESP-100, SIP40, and RP-2
Supported Interface Cards:
SPA-1X10GE-L-V2 Cisco 1-Port 10 Gigabit Ethernet Shared Port Adapter, Version 2
o XFP-10GLR-OC192SR
o XFP-10GER-OC192IR
o XFP-10GZR-OC192LR
o XFP-10G-MM-SR
SPA-10X1GE-V2 Cisco 10-Port Gigabit Ethernet Shared Port Adapter, Version 2
o SFP-GE-S
o SFP-GE-L
o SFP-GE-Z
SPA-2X1GE-V2 Cisco 2-Port Gigabit Ethernet Shared Port Adapter, Version 2
o SFP-GE-S
o SFP-GE-L
o SFP-GE-Z
1.2 Network Topology
This section describes the generic AT&T supported topologies for various vendor IP–PBX’s.
Please refer to the following documents for details on configuring vendor specific AT&T supported topologies and related configuration information for IP-PBX’s:
o “Customer Edge Router Customer Configuration Guide for AT&T Certified IP-PBX Solutions”. (http://www.corp.att.com/bvoip/avpn/implementation/ (login: att, password: attvoip)).
o “Customer Edge Router Customer Configuration Guide for Integrated CER/CUBE with AT&T Certified IP-PBX Solutions”. (http://www.corp.att.com/bvoip/avpn/implementation/ (login: att, password: attvoip)).
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 10
1.2.1 AT&T Certified IP-PBX’s
Following is a sample diagram of a network topology for a site with an AT&T Certified IP-PBX. In this design, the Customer Edge Router (CER) and Session Border
Controller (SBC) are two separate devices. The AT&T VPN CSU-Probe is an AT&T
managed device. All other equipment is managed by the Customer.
The AT&T VPN CSU-Probe is optional.
AT&T IP Flexible Reach Service or AT&T IP Toll-Free on AT&T VPN site with AT&T VPN CSU-Probe, Generic IP-PBX and optional SBC
(CPE site design – physical view)
VPN CSU-Probe
optional(managed by AT&T)
IP phone#1
WAN
Connection
RJ-45 Ethernet
Straight Thru RJ-45 Ethernet
Straight Thru
Layer2
Switch
Cisco CER
RJ-45 Ethernet
Straight Thru
RJ-4
5 E
the
rnet
Stra
igh
t Th
ru
IP phone#2 IP-PBX
RJ-45 Ethernet
Straight Thru
Session Border Controller
(required in most scenarios)
RJ-4
5 E
the
rnet
Stra
igh
t Th
ru
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 11
Following is a sample diagram of a network topology for a site with an AT&T Certified IP-PBX. In this design, the Customer Edge Router (CER) and Cisco Unified Border Element (CUBE) Session Border Controller (SBC) are integrated into a single device. The integrated CER/CUBE is only supported with the ASR 1001 and 1002. The AT&T VPN CSU-Probe is an AT&T managed device. All other equipment is managed by the Customer. NOTE: This solution is only supported for specific scenarios. Please refer to the “Customer Edge Router Customer Configuration Guide for Integrated CER/CUBE with AT&T Certified IP-PBX Solutions”. (http://www.corp.att.com/bvoip/avpn/implementation/ (login: att, password: attvoip)).
The AT&T VPN CSU-Probe is optional.
AT&T IP Flexible Reach Service or AT&T IP Toll-Free on AT&T VPN site
with AT&T VPN CSU-Probe, Generic IP-PBX and optional SBC
(CPE site design – physical view)
IP Phone#1
WAN
Connection
RJ-45 Ethernet
Straight Thru
RJ-45 Ethernet
Straight Thru
Layer 2
Switch
Integrated
CER/CUBE
RJ-45 Ethernet
Straight Thru
RJ-4
5 E
the
rnet
Stra
igh
t Th
ru
IP Phone#2 IP PBX
RJ-45 Ethernet
Straight Thru
AT&T VPN CSU-Probe
optional
(managed by AT&T)
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 12
1.3 Special Considerations
The following TCP/IP ports must not be blocked by firewall or access lists:
o AT&T IP Border Element signaling and media addresses. o SIP signaling traffic (UDP port 5060). o RTP/RTCP traffic (UDP port range 16384-32767).
The configuration information in this CCG assumes a single primary CER. Any alternate routing configurations or remote branch connectivity to other sites, within the same or other AT&T VPN, requires proper configuration of the signaling and media paths. Routing configurations in all customer routers need to be set up to assure that the routing in the primary CER is not affected.
Class of Service (CoS) specific considerations: o CoS1 should not be more than 70% for ATM, Ethernet access.
2 Network Design
Before implementing AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free over AT&T VPN as the underlying transport service, it is critical to understand the voice requirements at each location and to plan accordingly. Improper design can ultimately lead to poor voice performance.
The two primary network attributes that must be determined are:
• The allocated bandwidth for voice at each site.
• The delay components and requirements for acceptable voice quality.
2.1 Bandwidth Allocation Primary factors in determining the bandwidth design for AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free over AT&T VPN as the underlying transport service are:
1. The number of simultaneous voice calls.
2. The per call bandwidth (Codec type + overhead).
3. Whether or not bandwidth reduction techniques are required.
Based on the above, the Class of Service (CoS) package can be selected including the calculation of the Committed Information Rate (CIR) and Real Time percentages.
2.1.1 Simultaneous Voice Calls
One of the most important aspects in designing a network with AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free over AT&T VPN as the underlying transport service is allocating enough bandwidth for voice calls. The required bandwidth is determined by
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 13
calculating the number of concurrent voice calls that must be supported at each location, and multiplying this by the bandwidth required per call. Concurrent call requirements may be simply based on the number of users at a site, or if the busy hour traffic load is known, the number of concurrent calls can be determined using the Erlang B formula. A web-based Erlang calculator, as well as more complex design tools, may be found at http://www.erlang.com/. Systems can be configured to accommodate up to the number of concurrent calls contracted for under their AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free contract. If the number of concurrent calls under contract is not sufficient, please contact AT&T to increase the number of concurrent calls under contract.
2.1.2 Per Call Bandwidth
Once the number of concurrent calls has been determined, the per-call bandwidth requirements need to be established. Bandwidth requirements are based on the codec as well as the Layer 2 protocol used to access the network. The most popular codec in use today is G.729; it is the default in Cisco voice equipment and can provide good quality, low bandwidth voice. The following table provides the bandwidth per call over various access types
While the G.729 codec is very popular today, it has limitations that should be investigated while designing the network. Certain call flows (like conference calls, voice mail applications) may require that a G.711 codec be used. Be aware that G.711 requires much higher bandwidth although it does support better call quality. If G.711 needs to be supported on the network, these higher bandwidth requirements should be taken into account in the design phase.
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 14
Access Type Codec ptime (ms)
Bandwidth per call (Kbit/s)
Without RTCP With RTCP
Ethernet G729 A 20 29.8 30.3
G729 A 30 22.6 23.2
G711 20 85.4 86.0
G711 30 78.3 78.8
Ethernet with VLAN G729 A 20 31.4 31.9
G729 A 30 23.7 24.2
G711 20 87.1 87.6
G711 30 79.3 79.9
PPP or FR Encapsulation G729 A 20 25.8 26.3
G729 A 30 19.8 20.5
G711 20 81.4 81.9
G711 30 75.6 76.1
ATM G729 A 20 27.4 27.9
G729 A 30 21.1 21.6
G711 20 83.1 83.6
G711 30 76.6 77.2
Note: T.38 is the recommended protocol for fax as it has reduced bandwidth compared to G.711 fax. Configured properly to a baud rate of 14400 (this speed required for certain PSTN calls.
Note: A bandwidth calculator is available, currently at no charge to Cisco TAC users, that provides the exact layer 2 overhead calculations for voice over IP over Frame Relay and can be found at: http://tools.cisco.com/Support/VBC/jsp/Codec_Calc1.jsp This calculator takes into account overhead and also provides recommendations for potentially changing the default payload size in order to get better per call bandwidth performance.
Note: T.38 is the recommended protocol for fax as it has reduced bandwidth compared to G.711 fax. Configured properly to a baud rate of 14400 (this speed required for certain Public Switched Telephone Network (PSTN) calls), the T.38 fax call will use approximately 25Kbit/s over Frame Relay.
2.1.3 Bandwidth Reduction Techniques
There are several techniques for lowering the per call bandwidth requirements.
VAD or Voice Activity Detection (also known as silence suppression) may be turned on to take advantage of the fact that voice calls are “half duplex”— that is only one speaker in one direction is active at a time. Studies have shown that while theoretically VAD could reduce bandwidth consumption by 50%, a more conservative figure to use in design is 30%. Many users find that VAD can cause call impairment known as clipping — where the first word or
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 15
words are cut off when a speaker starts and, therefore, they do not use VAD even though it might help with the bandwidth consumption. A “best practice”, conservative design approach would be to size the network without VAD, test calls with VAD once the network is in place and adjust the bandwidth accordingly assuming VAD works effectively.
Most VoIP codecs can be modified from the default parameters to provide more efficient utilization of bandwidth for carrying voice traffic. One popular technique is to increase the number of voice samples in each IP packet. VoIP packets tend to be quite small, with a large percentage of the usable bandwidth consumed by protocol overhead (Layer 2, IP, UDP, RTP). Typically, G.729 encodes two 10mS voice samples in each IP packet. Each voice sample is only 10 bytes. The codec can often be modified to pack 3 or even more voice samples in each IP packet, substantially reducing the overhead:payload ratio. The downside of this approach is that it increases the encoding/decoding delay proportionately and more stringent overall design relative to latency and jitter.
2.1.4 Putting It Together
Once concurrent calls and bandwidth consumption per call have been determined, the network requirements should be chosen. AT&T recommends using the Real Time (RT) Class of Service for voice signaling and media traffic. CoS packages are sold based on percentages of the CIR purchased. Two CoS packages support RT CoS—Multimedia High and Multimedia Low. If the percentage of RT traffic is 50% or lower than the CoS Package is Multi-Media Standard and if the percentage of RT is above 50% the CoS Package is Multi-Media High. For details on configuring CERs for the basic AVPN transport service, independent of IP Flexible Reach Service and/or AT&T IP Toll-Free, reference: AT&T VPN Service Customer Router Configuration Guide
This Guide is available on AT&T BusinessDirect under Insight and News, Tech Specs or from your Sale team. The bandwidth allocated to the RT class is very important because any traffic presented to RT over the allocation will be strictly policed and dropped in order to prevent queuing and additional delay. For instance, a link is designed for 10 calls and an 11th call comes in. The 11th call will not be denied but will cause packet drops across all calls. Those packet drops can cause voice quality degradation of the existing calls. To avoid this problem, RT sizing is critical.
Note: Sizing of data requirements, possibly including video, is beyond the scope of this document but is covered in: AT&T Network Services COS Customer Router Configuration Guide
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 16
2.2 Special Engineering Guidelines for Ethernet Access
Three basic types of Ethernet access will be supported: Full Port, single VLAN tag, and stacked dual VLAN tag (Q in Q) ports. Full port is setup the same as single VLAN tag. Ethernet actually has the most protocol overhead of any supported transport including ATM. A 30 Byte payload needs 2 ATM cell @ 53 Bytes each for a total of 106 Bytes. Ethernet Line Rate requires 112 bytes for each 30 Byte payload. The Line Rate includes the inter-frame gap, preamble, start of frame delimiter, & CRC for each frame which adds to the total. So the protocol difference is about 1.6% more for Ethernet, at approximately 73% protocol overhead of all transported bytes. Many of its configuration options are unique, and are detailed below: 1. CoS1 for Ethernet should not be > than 70% to compensate for overhead. 2. Shaping Rates should be computed to 99% of Port speed – rounded down to the
next 64K – per the table below. Ethernet Shaping Table:
Access Type/Speed Port Speed Shaped to 99%
of Ethernet VLAN speed
*rounded down to nearest 64k
512k VLAN Ethernet 512k 448k*
1M VLAN Ethernet 1000k 960k*
1.5M VLAN Ethernet 1500k 1472k*
2M VLAN Ethernet 2000k 1920k*
3M VLAN Ethernet 3000k 2944k*
4M VLAN Ethernet 4000k 3904k*
5M VLAN Ethernet 5000k 4928k*
6M VLAN Ethernet 6000k 5888k*
7M VLAN Ethernet 7000k 6912k*
8M VLAN Ethernet 8000k 7872k*
9M VLAN Ethernet 9000k 8896k*
10M VLAN Ethernet 10000k 9856k*
20M VLAN Ethernet 20000k 19776k*
30M VLAN Ethernet 30000k 29696k*
40M VLAN Ethernet 40000k 39552k*
50M VLAN Ethernet 50000k 49472k*
60M VLAN Ethernet 60000k 59392k*
70M VLAN Ethernet 70000k 69248k*
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 17
Access Type/Speed Port Speed Shaped to 99%
of Ethernet VLAN speed
*rounded down to nearest 64k
80M VLAN Ethernet 80000k 79168k*
90M VLAN Ethernet 90000k 89088k*
100M VLAN Ethernet 100000k 98944k*
150M VLAN Ethernet 150000k 148480k*
200M VLAN Ethernet 200000k 197952k*
250M VLAN Ethernet 250000k 247488k*
300M VLAN Ethernet 300000k 296960k*
400M VLAN Ethernet 400000k 395968k*
450M VLAN Ethernet 450000k 445440k*
500M VLAN Ethernet 500000k 494976k*
600M VLAN Ethernet 600000k 593984k*
700M VLAN Ethernet 700000k 692992k*
800M VLAN Ethernet 800000k 792000k*
900M VLAN Ethernet 900000k 890944k*
1000M VLAN Ethernet 1000000k 989952k*
2.5Gig VLAN Ethernet 2500000k 2474944k*
3 Traffic Classification and Queuing Techniques
Class of Service features operate in concert with customer router behaviors to provide end-to-end congestion management of application traffic flows. The Customer Edge Router (CER) has several roles in the process. First, it must recognize and categorize the different application types that are to receive differentiated service. Based on this recognition, queuing, fragmentation and interleaving techniques are used as appropriate to provide preferential treatment of priority traffic during congestion. In addition to the treatment within the CER, the network needs to recognize and provide differentiated treatment of customer application traffic. To accommodate this, the CER needs to mark the various application types with appropriate Differentiated Services (DiffServ) codepoints. This allows the network to recognize the different traffic types to provide the desired preferential treatment.
After determining bandwidth requirements and the techniques required to meet the delay budgets, CoS techniques should be applied in the CER to compliment the functionality in the network PER. CoS techniques will help minimize delay, jitter (variation in delay) and drops of voice packets. These techniques include classifying and marking packets by traffic type, using queuing techniques, and traffic shaping.
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 18
3.1 Classification
The first step in traffic classification is to identify different traffic flows and mark them with the appropriate Differentiated Service Code Point (DSCP) bit. The following table defines the settings expected by the AT&T VPN network.
Class of Service IP Precedence
DSCP DSCP Decimal
DSCP Binary (In Contract)
Real Time 5 EF 46 101 110
Bursty High 3 AF31 26 011 010
Bursty Low 2 AF21 18 010 010
Best Effort 0 BE 0 000 000
Additional Classes for CoS6:
Class of Service IP Precedence
DSCP DSCP Decimal
DSCP Binary (In Contract)
Video (CoS2V) 4 AF41 34 100 010
Scavenger (CoS5) 1 AF11 10 001 010
3.2 Queuing Options
Queuing techniques and implementations have evolved over the past several years and include options that can strictly prioritize voice traffic over data traffic without starving out the data traffic. Strict priority queuing is a mechanism that will always immediately serve any packets in the priority queue before serving any other queue, ensuring the best possible delay characteristics. In the AT&T IP Flexible Reach Service
and/or AT&T IP Toll-Free over AT&T VPN as the Underlying Transport Service, AT&T uses Low Latency Queuing with Class Based Weighted Fair Queuing (LLQ/CBWFQ) and recommends that customers use the same techniques in their CERs. LLQ/CBWFQ is configured via a policy map where different classes of traffic are assigned a percentage or specific amount of bandwidth. The LLQ is established with the priority command and given a specific bandwidth in kilobits per second. The LLQ is sized based on the bandwidth allocation recommendations in section 2.1. Other queues are serviced based on the amount of bandwidth allocated to them.
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 19
3.3 Traffic Shaping
Traffic shaping on high speed circuits is done by setting a “service-policy” on the interface (or sub-interface) as shown in the examples in Appendix A. The shape rate is set by taking 99% of the available bandwidth (rounded down to the nearest 64k) for a particular circuit type (or the subrate speed in the case of subrates). The table below shows the available bandwidth along with the shape rate for some of the larger access circuits.
Circuit Type Available Bandwidth (AB)
Shape Rate (99% of AB)
(rounded down to nearest 64k)
Encapsulation Type
T3 44210 kbps / Subrate speed
43712 kbps / Subrate speed PPP / Frame Relay
OC3 149759 kbps / Subrate speed
148224 kbps / Subrate speed PPP / Frame Relay
OC12 599040 kbps / Subrate speed
593024 kbps / Subrate speed PPP / Frame Relay
OC48 2396120 kbps (no Subrates)
2372096 kbps (no Subrates) PPP / Frame Relay
1/10Gigabit Ethernet
Port or Subrate Speed 99% of AB (rounded down to nearest 64k)
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 20
4 Customer Edge Router (CER) Configurations specific to CoS and WAN interface
The router configurations in this section are partial configurations for AT&T IP Flexible Reach
Service and/or AT&T IP Toll-Free over AT&T VPN as the underlying transport service.
Sample configurations, relative to specific environments, have been provided for reference in
Appendix A.
4.1 Classification
Following are the access group list configurations. Data and video classes would be defined by the customer. RTP, SIP, SCCP and BGP access-lists should be configured as they are shown. CoS4 (default class) does not need to be defined.
ip access-list extended RTP
permit udp any range 16384 32767 any range 16384 32767
ip access-list extended SIP
permit udp any eq 5060 any
permit udp any any eq 5060
permit tcp any eq 5060 any
permit tcp any any eq 5060
ip access-list extended SCCP **Only needed for Cisco UCM solutions**
permit tcp any range 2000 2003 any
permit tcp any any range 2000 2003
ip access-list extended BGP
permit tcp any eq bgp any
permit tcp any any eq bgp
ip access-list extended COS2-Traffic
permit udp any any eq 2082 <sample only – COS2 customer defined>
permit udp any eq 2082 any <sample only – COS 2 customer defined>
ip access-list extended COS3-Traffic
permit udp any any eq 2083 <sample only – COS3 customer defined>
permit udp any eq 2083 any <sample only – COS3 customer defined>
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 21
Note: Even if no CoS2 traffic is ordered, a minimum percentage of CoS2 must be configured on the CER if BGP routing is used, because BGP traffic falls into CoS2.
Additional Access-Lists for CoS6:
ip access-list extended COS2V-Traffic
permit tcp any any range 3230 3231 <sample only – COS2V customer defined>
permit udp any any range 3230 3235 < sample only – COS2V customer defined>
ip access-list extended COS5-Traffic
permit udp any any eq 110 <sample only – COS5 customer defined>
permit udp any eq 110 any <sample only – COS5 customer defined>
In order to classify the traffic that will be put into different queues, the class-map statement is used to match access-groups. In this example, the voice traffic is matched from access group lists “RTP”(which includes Real Time Control Protocol (RTCP) traffic) and “SIP” and put into a class called CoS1 for real time traffic. Note that the names used in the class-map are the same names used in the policy map in section 4.2—this is critical to ensure that the right policy will be applied to the right class. Note: These classifications are the same for all access types.
class-map match-any COS1
match access-group name RTP
match access-group name SIP
match access-group name SCCP
class-map match-any BGP
match access-group name BGP
class-map match-any COS2
match access-group name COS2-Traffic
match access-group name BGP
class-map match-any COS3
match access-group name COS3-Traffic
Additional Class-maps for CoS6:
class-map match-any COS2V
match access-group name COS2V-Traffic
class-map match-any COS5
match access-group name COS5-Traffic
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 22
4.2 LLQ/CBWFQ Set up and Packet Marking The Low Latency Queue is established through a priority statement. The class “CoS1” is put in the low latency queue. The packets are then marked with IP dscp of ‘ef’ to match the network’s expectation for real time service. The remaining bandwidth is distributed among the other classes—CoS2( bursty high traffic) and CoS3 (bursty low traffic) and marked with the appropriate IP Differentiated Services Code Point (DSCP) marking. Finally, the default class is set for Best Effort traffic. Note that IP Cisco Express Forwarding (CEF) must be enabled on the CER for the service policy to work In the following section bandwidth is referred to as BW. Following are examples of how the data queues might be set up:
4.2.1 PPP access (T3/E3 speeds)
PPP access requires a shaping policy map be applied to the Serial Interface. The policy map for the Quality of Service (QoS) is applied to the shaping policy map. The shape rate of the shaping policy map should be set to 95% of the port speed.
Note: Burst interval for CoS1 should always be set to 1 second.
Example for T3/E3 PPP Access:
!
policy-map MARK-BGP
class BGP
set ip dscp cs6
!
policy-map COS
class COS1
priority
queue-limit 2048 packets
police <COS1 BW> <Burst size> conform-action set-dscp-transmit ef exceed-action drop
class COS2
bandwidth remaining percent <COS2 %>
set ip dscp af31
queue-limit 256 packets
service-policy MARK-BGP
class COS3
bandwidth remaining percent <COS3 %>
set ip dscp af21
queue-limit 256 packets
class class-default
bandwidth remaining percent <COS4 %>
set ip dscp default
queue-limit 256 packets
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 23
policy-map SHAPE_PPP **This policy map applied to serial interface**
class class-default
shape average <Available BW * .99 (rounded down to nearest 64K)> <(Available BW * .99)/250
(rounded up to nearest 128) > 0
service-policy COS
Note: Subrates are treated differently than full port configurations with regards to shaping. For subrate speeds, shaping is merely the subrate speed instead of 99% of it.
4.2.2 OC3 ATM
Note: CoS1 greater than 70% not recommended for ATM access.
With ATM, the “COS” policy-map will be applied to the subinterface under the pvc statement.
Note: Burst interval for CoS1 should always be set to 1 second.
Example for OC3 ATM:
policy-map MARK-BGP
class BGP
set ip dscp cs6
policy-map COS
class COS1
priority
queue-limit 2048 packets
police <COS1 BW> <burst size> conform-action set-dscp-transmit ef exceed-action drop
class COS2
bandwidth remaining percent <COS2%>
set ip dscp af31
queue-limit 256 packets
service-policy MARK-BGP
class COS3
bandwidth remaining percent <COS3%>
set ip dscp af21
queue-limit 256 packets
class class-default
bandwidth remaining percent <COS4%>
set ip dscp default
queue-limit 256 packets
Note – Voice only
customers (no data)
should not set the BE
equal to 0. It should be
left blank.
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 24
4.2.3 T3/E3 Frame Relay Encapsulation
Multiple VPN connections over private line access are typically provided using Frame Relay encapsulation on the access link to provide L2 differentiation of the connections.
With Frame Relay encapsulation, a policy-map will be applied to each sub-interface (or one policy-map to each subinterface if there are multiple subinterfaces).
Note: Burst interval for CoS1 should always be set to 1 second.
Example for T3/E3 Frame Relay Encapsulation :
policy-map MARK-BGP
class BGP
set ip dscp cs6
!
policy-map COS
class COS1
priority
queue-limit 2048 packets
police <COS1 BW> <Burst Size> conform-action set-dscp-transmit ef exceed-action drop
class COS2
bandwidth remaining percent <COS2%>
set ip dscp af31
queue-limit 256 packets
service-policy MARK-BGP
class COS3
bandwidth remaining percent <COS3%>
set ip dscp af21
queue-limit 256 packets
class class-default
bandwidth remaining percent <COS4%>
set ip dscp default
queue-limit 256 packets
policy-map SHAPE_FR_ENCAP **This policy map applied to serialsub- interface**
class class-default
shape average <Available BW * .99 (rounded down to nearest 64K)> <(Available BW * .99)/250
(rounded up to nearest 128) > 0
service-policy COS
4.2.4 OC3/OC12/OC48 POS access
Note – Voice only
customers (no data)
should not set the BE
equal to 0. It should be
left blank.
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 25
OC3/OC12/OC48 POS access requires a shaping policy map be applied to the POS interface. The policy map for the QOS is applied to the shaping policy map. The shape rate of the shaping policy map should be set to 99% of the available bandwidth.
Note: Burst interval for CoS1 should always be set to 1 second.
Example for OC3 POS:
! policy-map MARK-BGP
class BGP
set ip dscp cs6
policy-map COS
class COS1
priority
queue-limit 2048 packets
police <COS1 BW> <Burst Size> conform-action set-dscp-transmit ef exceed-action drop
class COS2
bandwidth remaining percent <COS2%>
set ip dscp af31
queue-limit 256 packets
service-policy MARK-BGP
class COS3
bandwidth remaining percent <COS3%>
set ip dscp af21
queue-limit 256 packets
class class-default
bandwidth remaining percent <COS4%>
set ip dscp default
queue-limit 256 packets
policy-map POS-SHAPE
class class-default
shape average <Available BW * .99 (rounded down to nearest 64K)> <(Available BW * .99)/250
(rounded up to nearest 128) > account user-defined 3
service-policy COS
Note: Subrates are treated differently than full port configurations with regards to shaping. For subrate speeds, shaping is merely the subrate speed instead of 99% of it.
Example for OC12 POS:
!
policy-map MARK-BGP
class BGP
set ip dscp cs6
policy-map COS
class COS1
priority
queue-limit 2048 packets
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 26
police <COS1 BW> <Burst size> conform-action set-dscp-transmit ef exceed-action drop
class COS2
bandwidth remaining percent <COS2%>
set ip dscp af31
queue-limit 256 packets
service-policy MARK-BGP
class COS3
bandwidth remaining percent <COS3%>
set ip dscp af21
queue-limit 256 packets
class class-default
bandwidth remaining percent <COS4%>
set ip dscp default
queue-limit 256 packets
policy-map POS-SHAPE
class class-default
shape average <Available BW * .99 (rounded down to nearest 64K)> <(Available BW * .99)/250
(rounded up to nearest 128) > account user-defined 5
service-policy COS
Note: Subrates are treated differently than full port configurations with regards to shaping. For subrate speeds, shaping is merely the subrate speed instead of 99% of it.
Example for OC48 POS/Frame Relay Encapsulation:
!
policy-map MARK-BGP
class BGP
set ip dscp cs6
policy-map COS
class COS1
priority
queue-limit 16384 packets
police <COS1 BW> <Burst Size> conform-action set-dscp-transmit ef exceed-action drop
class COS2
bandwidth remaining percent <COS2%>
set ip dscp af31
queue-limit 1024 packets
service-policy MARK-BGP
class COS3
bandwidth remaining percent <COS3%>
set ip dscp af21
queue-limit 1024 packets
class class-default
bandwidth remaining percent <COS4%>
set ip dscp default
queue-limit 1024 packets
policy-map POS-SHAPE
class class-default
shape average <Available BW * .99 (rounded down to nearest 64K)> <(Available BW * .99)/250
(rounded up to nearest 128) > account user-defined 5
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 27
service-policy COS
*OC48 subrate speeds are currently not supported.
4.2.5 OC3/OC12 Frame Relay Encapsulation
Multiple VPN connections over private line access are typically provided using Frame Relay encapsulation on the access link to provide L2 differentiation of the connections.
OC3/OC12 PPP access requires a policy map be applied to each sub- interface.
Note: Burst interval for CoS1 should always be set to 1 second
Example for OC3/OC12 Frame Relay encapsulation:
!
policy-map MARK-BGP
class BGP
set ip dscp cs6
policy-map COS
class COS1
priority
queue-limit 2048 packets
police <COS1 BW> <Burst size> conform-action set-dscp-transmit ef exceed-action drop
class COS2
bandwidth remaining percent <COS2 %>
set ip dscp af31
queue-limit 256 packets
service-policy MARK-BGP
class COS3
bandwidth remaining percent <COS3 %>
set ip dscp af21
queue-limit 256 packets
class class-default
bandwidth remaining percent <COS4%>
set ip dscp default
queue-limit 256 packets
!
policy-map POS-SHAPE_FR_ENCAP
class class-default
shape average <Available BW * .99 (rounded down to nearest 64K)> <(Available BW * .99)/250
(rounded up to nearest 128) > account user-defined <”3” for OC3, “5” for OC12>
service-policy COS
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 28
4.2.6 Ethernet Access
Ethernet access requires a shaping policy map be applied to the Ethernet interface. The policy map for the CoS is applied to the shaping policy map. The shape rate of the shaping policy map should be set to a percentage of the port speed. See section 2.3 Special Engineering Guidelines for Ethernet Access for the guidelines.
For Ethernet access with VLANs, a separate policy-map should be applied to each subinterface.
Note: Burst interval for COS1 should always be set to 1 second.
Example for Ethernet Access:
policy-map MARK-BGP
class BGP
set ip dscp cs6
!
policy-map COS
class COS1
priority
queue-limit 2048 packets
police <COS1 BW> <Burst Size> conform-action set-dscp-transmit ef exceed-action drop
class COS2
bandwidth remaining percent <COS2%>
set ip dscp af31
queue-limit 256 packets
service-policy MARK-BGP
class COS3
bandwidth remaining percent <COS3%>
set ip dscp af21
queue-limit 256 packets
class class-default
bandwidth remaining percent <COS4%>
set ip dscp default
queue-limit 256 packets
policy-map Ethernet-SHAPE
class class-default
shape average <Shaping Rate – see section 2.3> <(Available BW * .99)/250 (rounded up to nearest
128) > account user-defined 24
service-policy COS
4.2.7 CoS6 Example
Following is an example of how to configure a service policy for a CoS6 configuration by adding on the “COS2V” and “COS5” classes.
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 29
Note: Burst interval for CoS1 should always be set to 1 second.
Example for CoS6:
policy-map MARK-BGP class BGP set ip dscp cs6 ! policy-map COS class COS1 priority queue-limit 2048 packets police <COS1 BW> <Burst Size> conform-action set-dscp-transmit ef exceed-action drop class COS2V bandwidth remaining percent <COS2V%> set ip dscp af41 queue-limit 256 packets class COS2 bandwidth remaining percent <COS2%> set ip dscp af31 queue-limit 256 packets service-policy MARK-BGP class COS3 bandwidth remaining percent <COS3%> set ip dscp af21 queue-limit 256 packets class COS5 bandwidth remaining percent <COS5%> set ip dscp af11 queue-limit 256 packets class class-default bandwidth remaining percent <COS4%> set ip dscp default queue-limit 256 packets
4.3 Frame Relay traffic shaping for Frame Relay interfaces only
Frame Relay traffic shaping is not supported on ASR routers.
4.4 Interface Configuration This section gives examples of how to configure the various interface types.
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 30
4.4.1 PPP access (T3/E3 speeds)
Follow these steps for a T3 PPP circuit:
Global Configuration:
First, set the “card type” to the appropriate type (T3). After the t3 keyword, specify the slot and subslot location of the SPA.
On the Main Interface:
Configure the IP address of the interface which should be the CER side of the /30 subnet assigned for the CER/PER link.
Set encapsulation to “ppp”
Set the “dsu bandwidth” to the proper speed (44210 for T3 full rate)
Configure “framing c-bit”
Configure “cablelength” in feet.
Apply the CoS policy map .
Configure “hold-queue 4096 out” under the main interface.
Example:
card type t3 <slot #> <subslot #>
interface Serial0/2/0
ip address <IP address> <mask>
encapsulation ppp
load-interval 30
dsu bandwidth 44210
framing c-bit
cablelength <cable length in feet>
service-policy output SHAPE_PPP
hold-queue 4096 out
Follow these steps for an E3 PPP circuit:
Global Configuration:
First, set the “card type” to the appropriate type (E3). After the e3 keyword, specify the slot and subslot location of the SPA.
On the Main Interface:
Configure the IP address of the interface which should be the CER side of the /30 subnet assigned for the CER/PER link.
Set encapsulation to “ppp”
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 31
Configure “framing g751”
Configure “dsu mode 1”
Apply the CoS policy map .
Configure “hold-queue 4096 out” under the main interface.
Example: card type E3 <slot #> <subslot #>!
interface Serial0/3/0
ip address <IP Address> <mask>
encapsulation ppp
framing g751
dsu mode 1
service-policy output SHAPE_PPP
hold-queue 4096 out
4.4.2 OC3 ATM
Use the following steps to configure an OC3 ATM interface:
On the main interface:
Configure “no atm ilmi-keepalive”
Configure “hold-queue 4096 out”
On the subinterface:
Set “mtu” to 1500
Configure the IP address of the interface which should be the CER side of the /30 subnet assigned for the CER/PER link.
Configure “PVC <VPI> <VCI>” with the appropriate numbers for the PVC.
Configure the “vbr-nrt” statement
Configure the following oam statements: oam-pvc manage oam retry 3 5 1 oam ais-rdi 10 3
Set “encapsulation” to aal5snap
Apply the outbound policy map
Example:
interface ATM0/3/0
no ip address
load-interval 30
no atm ilmi-keepalive
hold-queue 4096 out
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 32
!
interface ATM0/3/0.1 point-to-point
mtu 1500
ip address <IP address> <mask>
pvc <VPI>/<VCI>
vbr-nrt <Port speed *.95> <Port speed * .95> 1
oam-pvc manage
oam retry 3 5 1
oam ais-rdi 10 3
encapsulation aal5snap
service-policy out COS
4.4.3 T3/E3 Frame Relay Encapsulation
Following are the steps to configure T3 Frame Encapsulation:
Global Configuration:
First, set the “card type” to the appropriate type (T3). After the t3 keyword, specify the slot and subslot location of the SPA.
On the main interface:
Configure “encapsulation frame-relay IETF”
Set the dsu bandwidth to the appropriate access speed.
Configure “scramble”
Set the “framing” to “c-bit”.
Configure “cablelength” in feet
“Frame-relay lmi-type” must be set to “ansi”.
Configure “hold-queue 4096 out”. On each subinterface:
Configure the IP address of the interface which should be the CER side of the /30 subnet assigned for the CER/PER link.
Configure the “frame-relay interface-dlci” with the appropriate DLCI number
Apply the output policy-map
Example:
card type t3 <slot #> <subslot #>
interface Serial0/3/0
encapsulation frame-relay IETF
dsu bandwidth 44210
scramble
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 33
framing c-bit
cablelength <length of cable in feet>
frame-relay lmi-type ansi
hold-queue out 4096
!
interface Serial0/3/0.200 point-to-point
ip address <IP Address> <mask>
no cdp enable
frame-relay interface-dlci <DLCI #>
service-policy output SHAPE_FR_ENCAP
Following are the steps to configure E3 Frame Encapsulation:
Global Configuration:
First, set the “card type” to the appropriate type (T3). After the t3 keyword, specify the slot and subslot location of the SPA.
On the main interface:
Configure “encapsulation frame-relay IETF”
Configure “framing g751”
Configure “scramble”
Set the “dsu mode 1”
“Frame-relay lmi-type” must be set to “ansi”.
Configure “hold-queue 4096 out”.
On each subinterface:
Configure the IP address of the interface which should be the CER side of the /30 subnet assigned for the CER/PER link.
Configure the “frame-relay interface-dlci” with the appropriate DLCI number
Apply the output policy-map
Example:
card type e3 <slot #> <subslot #>
!
interface Serial0/3/0
no ip address
encapsulation frame-relay IETF
framing g751
dsu mode 1
frame-relay lmi-type ansi
hold-queue out 4096
!
interface Serial0/3/0.200 point-to-point
ip address <IP Address> <mask>
no cdp enable
frame-relay interface-dlci <DLCI #>
service-policy output SHAPE_FR_ENCAP
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 34
4.4.4 OC3 PPP Access
Follow these steps for an OC3 PPP Circuit: On the main interface:
Configure the IP address of the interface which should be the CER side of the /30 subnet assigned for the CER/PER link.
Set encapsulation to “ppp”
Set “pos scramble-atm”
Configure “pos flag s1s0 2”
Apply the output service policy.
Configure “hold-queue 1024 in”
Configure “hold-queue 4096 out”
Example:
interface POS0/3/0
ip address <IP Address> <mask>
encapsulation ppp
load-interval 30
pos scramble-atm
pos flag s1s0 2
service-policy output POS-SHAPE
hold-queue 1024 in
hold-queue 4096 out
Follow these steps for an OC12/OC48 PPP circuit:
On the main interface:
Configure the IP address of the interface which should be the CER side of the /30 subnet assigned for the CER/PER link.
Set encapsulation to “ppp”
Configure “crc” for 32
Set “pos scramble-atm”
Configure “pos flag s1s0 2”
Apply the output service policy.
Configure “hold-queue 1024 in”
Configure “hold-queue 4096 out”
Example:
interface POS0/2/0
ip address <IP Address> <mask>
encapsulation ppp
load-interval 30
crc 32
pos scramble-atm
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 35
pos flag s1s0 2
service-policy output POS-SHAPE
hold-queue 1024 in
hold-queue 4096 out
hold-queue 32768 out [OC48 only]
4.4.5 OC3/OC12 Frame Relay Encapsulation
Follow these steps for an OC3 Frame Relay Encapsulation circuit:
On the main interface:
Set encapsulation to “frame-relay IETF”
Configure “frame-relay lmi-type ansi”
Set “pos scramble-atm”
Apply the output service policy.
Configure “hold-queue 1024 in”
Configure “hold-queue 4096 out”
On each subinterface:
Configure the IP address of the interface which should be the CER side of the /30 subnet assigned for the CER/PER link.
Configure “frame-relay interface-dlci” with the appropriate DLCI number
Apply the output policy-map
Example:
interface POS0/3/0
no ip address
encapsulation frame-relay IETF
frame-relay lmi-type ansi
load-interval 30
pos scramble-atm
hold-queue 1024 in
hold-queue 4096 out
interface POS0/3/0.1 point-to-point
ip address <IP Address> <mask>
frame-relay interface-dlci <DLCI #>
service-policy output POS-SHAPE_FR_ENCAP
Follow these steps for an OC12 Frame Relay Encapsulation circuit:
On the main interface:
Set encapsulation to “frame-relay IETF”
Configure “frame-relay lmi-type ansi”
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 36
Configure “crc 32”
Set “pos scramble-atm”
Apply the output service policy.
Configure “hold-queue 1024 in”
Configure “hold-queue 4096 out”
On each subinterface:
Configure the IP address of the interface which should be the CER side of the /30 subnet assigned for the CER/PER link.
Configure “frame-relay interface-dlci” with the appropriate DLCI number
Apply the output policy-map
Example:
interface POS0/3/0
no ip address
encapsulation frame-relay IETF
frame-relay lmi-type ansi
load-interval 30
crc 32
pos scramble-atm
hold-queue 1024 in
hold-queue 4096 out
interface POS0/3/0.1 point-to-point
ip address <IP Address> <mask>
frame-relay interface-dlci <DLCI #>
service-policy output POS-SHAPE_FR_ENCAP
4.4.6 OC48 Frame Relay Encapsulation (Port-Based COS)
Follow these steps for an OC48 Frame Relay Encapsulation circuit (Port-based COS):
On the main interface:
Set encapsulation to “frame-relay”
Configure “frame-relay lmi-type ansi”
Configure “crc 32”
Set “pos scramble-atm”
Apply the output service policy.
Configure “hold-queue 1024 in”
Configure “hold-queue 32768 out”
On each subinterface:
Configure the IP address of the interface which should be the CER side of the /30 subnet assigned for the CER/PER link.
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 37
Configure “frame-relay interface-dlci” with the appropriate DLCI number
Example:
interface POS0/1/0
description - OC48 Link To DCXRPE3 - POS0/5/1/0
no ip address
encapsulation frame-relay
load-interval 30
crc 32
pos scramble-atm
pos flag s1s0 2
frame-relay lmi-type ansi
service-policy output OC48-SHAPE
hold-queue 1024 in
hold-queue 32768 out
!
interface POS0/1/0.100 point-to-point
description – Logical Channel #1 To Voice VRF
ip address 195.18.32.45 255.255.255.252
frame-relay interface-dlci 100
!
interface POS0/1/0.105 point-to-point
description – Logical Channel#2 To Data VRF
ip address 195.18.32.49 255.255.255.252
frame-relay interface-dlci 105
4.4.7 10 or 100 Mbit/s Ethernet Access
Note: The Fast Ethernet SPA card for the ASR can negotiate at 10 or 100 Mbit/s.
Follow these steps for Full Port: On the main interface:
Configure the IP address of the interface which should be the CER side of the /30 subnet assigned for the CER/PER link.
Configure negotiation for auto.
Apply the output service policy
Configure “hold-queue 1024 in”
Configure “hold-queue 4096 out”
Example:
interface FastEthernet0/0/1
ip address <IP Address> <mask>
load-interval 30
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 38
negotiation auto
service-policy output Ethernet-SHAPE
hold-queue 1024 in
hold-queue 4096 out
Follow these steps for Single Stack VLAN Tag: On the main interface:
Configure negotiation for auto.
Configure “hold-queue 1024 in”
Configure “hold-queue 4096 out” On the subinterface:
Configure “encapsulation dot1q” command with the appropriate VLAN tag number.
Configure the IP address of the interface which should be the CER side of the /30 subnet assigned for the CER/PER link.
Apply the output service policy
Example:
interface FastEthernet0/0/1
load-interval 30
negotiation auto
hold-queue 1024 in
hold-queue 4096 out
interface FastEthernet0/1.201 (recommend to set the subinterface numbering to the VLAN tag ID)
encapsulation dot1Q <VLAN tag>
ip address <ip address> <mask>
ip virtual-reassembly
service-policy output Ether-Shape
Follow these steps for Dual Stack VLAN Tag: On the main interface:
Configure negotiation for auto.
Configure “hold-queue 1024 in”
Configure “hold-queue 4096 out” On the subinterface:
Configure “encapsulation dot1q <inner VLAN tag #> second-dot1q <outer VLAN tag #>”
Configure the IP address of the interface which should be the CER side of the /30 subnet assigned for the CER/PER link.
Apply the output service policy
Example:
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 39
interface FastEthernet0/0/1
load-interval 30
negotiation auto
hold-queue 1024 in
hold-queue 4096 out
interface FastEthernet0/0.2004 (recommend to set the subinterface numbering to the VLAN tag ID)
encapsulation dot1Q <inner VLAN tag> second-dot1q <outer VLAN tag>
ip address <ip address> <mask>
service-policy output Ether-Shape
4.4.8 Gigabit Ethernet Access
Follow these steps for full port Gigabit Ethernet/10 Gigabit Ethernet: On the main interface:
Configure the IP address of the interface which should be the CER side of the /30 subnet assigned for the CER/PER link.
Configure negotiation for auto.
Apply the output service policy
Configure “hold-queue 1024 in”
Configure “hold-queue 4096 [16384 – for 10G access] out”
Example:
interface GigabitEthernet0/0/1
ip address <IP Address> <mask>
load-interval 30
negotiation auto
service-policy output GIGE-SHAPE
hold-queue 1024 in
hold-queue [4096/16384] out
Follow these steps for Single Stack VLAN Tag: On the main interface:
Configure negotiation for auto.
Configure “hold-queue 1024 in”
Configure “hold-queue 4096 [16384 – for 10G access] out” On the subinterface:
Configure “encapsulation dot1q” command with the appropriate VLAN tag number.
Configure the IP address of the interface which should be the CER side of the /30 subnet assigned for the CER/PER link.
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 40
Apply the output service policy
Example:
interface GigabitEthernet0/0/1
load-interval 30
negotiation auto
hold-queue 1024 in
hold-queue [4096/16384] out
interface GigabitEthernet0/1.201 (recommend to set the subinterface numbering to the VLAN tag ID)
encapsulation dot1Q <VLAN tag>
ip address <ip address> <mask>
ip virtual-reassembly
service-policy output Ether-Shape
Follow these steps for Dual Stack VLAN Tag: On the main interface:
Configure negotiation for auto.
Configure “hold-queue 1024 in”
Configure “hold-queue 4096 [16384 – for 10G access] out” On the subinterface:
Configure “encapsulation dot1q <inner VLAN tag #> second-dot1q <outer VLAN tag #>”
Configure the IP address of the interface which should be the CER side of the /30 subnet assigned for the CER/PER link.
Apply the output service policy
Example:
interface GigabitEthernet0/0/1
load-interval 30
negotiation auto
hold-queue 1024 in
hold-queue [4096/16384] out
interface GigabitEthernet0/0.2004 (recommend to set the subinterface numbering to the VLAN tag ID)
encapsulation dot1Q <inner VLAN tag> second-dot1q <outer VLAN tag>
ip address <ip address> <mask>
service-policy output Ether-Shape
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 41
Appendix A: Sample ASR Configurations
In these configurations, commands required for proper voice configuration are bolded.
A.1 Sample T3 PPP Router Configuration
ASR-Vancouver#show run Building configuration... Current configuration : 8075 bytes ! ! Last configuration change at 14:58:12 EST Fri Jan 14 2011 by vinny ! NVRAM config last updated at 14:14:52 EST Fri Jan 14 2011 by vinny ! version 15.1 service timestamps debug datetime msec service timestamps log datetime msec no platform punt-keepalive disable-kernel-core ! hostname ASR-Vancouver ! boot-start-marker boot system flash bootflash:asr1000rp1-adventerprisek9.03.02.00.S.151-1.S1.bin boot-end-marker ! ! vrf definition Mgmt-intf ! address-family ipv4 exit-address-family ! address-family ipv6 exit-address-family ! card type t3 0 2 enable password cisco ! no aaa new-model ! ! ! clock timezone EST -5 0 clock summer-time EDST recurring ip source-route ! ! ! no ip domain lookup
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 42
! ! multilink bundle-name authenticated ! ! username cisco password 0 cisco username admin password 0 cisco ! redundancy mode none ! class-map match-any BGP match access-group name BGP class-map match-any COS3 match access-group name COS3-Traffic class-map match-any COS2 match access-group name COS2-Traffic match access-group name BGP class-map match-any COS1 match access-group name RTP match access-group name SIP match access-group name SCCP ! policy-map MARK-BGP class BGP set ip dscp cs6 policy-map COS class COS1 priority queue-limit 2048 packets police 39792000 4974000 conform-action set-dscp-transmit ef exceed-action drop class COS2 bandwidth remaining percent 40 set ip dscp af31 queue-limit 256 packets service-policy MARK-BGP class COS3 bandwidth remaining percent 30 set ip dscp af21 queue-limit 256 packets class class-default bandwidth remaining percent 30 set ip dscp default queue-limit 256 packets policy-map T3-SHAPE class class-default shape average 43712000 174848 service-policy COS ! !
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 43
interface GigabitEthernet0/0/0 description – Faces SBC ip address 172.22.16.1 255.255.255.0 load-interval 30 negotiation auto ! interface GigabitEthernet0/0/1 no ip address shutdown negotiation auto ! interface GigabitEthernet0/0/2 no ip address shutdown negotiation auto ! ! interface GigabitEthernet0/0/3 no ip address shutdown negotiation auto ! ! interface Serial0/2/0 ip address 192.168.200.9 255.255.255.252 encapsulation ppp load-interval 30 dsu bandwidth 44210 framing c-bit cablelength 10 service-policy output T3-SHAPE hold-queue 4096 out ! ! router bgp 65000 bgp router-id 192.168.0.1 bgp log-neighbor-changes network 135.16.170.2 mask 255.255.255.255 network 32.252.97.40 mask 255.255.255.255 neighbor 192.168.200.10 remote-as 13979 neighbor 192.168.200.10 allowas-in ! ! ip route 135.16.170.2 255.255.255.255 172.22.16.2 *** Static Route to SBC IP Flexible Reach Signaling IP Address*** ! ip access-list extended BGP permit tcp any eq bgp any permit tcp any any eq bgp ip access-list extended COS2-Traffic
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 44
permit udp any any eq 2082 permit udp any eq 2082 any permit tcp any any eq www permit tcp any eq www any ip access-list extended COS3-Traffic permit udp any any eq 2083 permit udp any eq 2083 any permit tcp any any eq smtp permit tcp any eq smtp any ip access-list extended COS4-Traffic permit ip any any ip access-list extended RTP permit udp any range 16384 32767 any range 16384 32767 ip access-list extended SCCP permit tcp any range 2000 2003 any permit tcp any any range 2000 2003 ip access-list extended SIP permit udp any eq 5060 any permit udp any any eq 5060 permit tcp any eq 5060 any permit tcp any any eq 5060 ! logging esm config cdp run ! ! control-plane ! ! line con 0 exec-timeout 600 0 privilege level 15 login local stopbits 1 line aux 0 stopbits 1 line vty 0 4 exec-timeout 300 0 privilege level 15 login local ! ntp clock-period 17179842 ntp server 135.16.205.66 end
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 45
A.2 Sample OC3 PPP Router Configuration
Current configuration : 7994 bytes ! ! Last configuration change at 13:34:11 EST Fri Jan 21 2011 by vinny ! NVRAM config last updated at 12:24:54 EST Fri Jan 21 2011 by vinny ! version 15.1 service timestamps debug datetime msec service timestamps log datetime msec no platform punt-keepalive disable-kernel-core ! hostname ASR-Vancouver ! boot-start-marker boot system flash bootflash:asr1000rp1-adventerprisek9.03.02.00.S.151-1.S1.bin boot-end-marker ! ! vrf definition Mgmt-intf ! address-family ipv4 exit-address-family ! address-family ipv6 exit-address-family ! enable password cisco ! no aaa new-model ! clock timezone EST -5 0 clock summer-time EDST recurring ip source-route ! no ip domain lookup ! ! multilink bundle-name authenticated ! ! username cisco password 0 cisco username admin password 0 cisco ! redundancy mode none
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 46
! ! class-map match-any BGP match access-group name BGP class-map match-any COS3 match access-group name COS3-Traffic class-map match-any COS2 match access-group name COS2-Traffic match access-group name BGP class-map match-any COS1 match access-group name RTP match access-group name SIP match access-group name SCCP ! policy-map MARK-BGP class BGP set ip dscp cs6 policy-map COS class COS1 priority queue-limit 2048 packets police 134784000 16848000 conform-action set-dscp-transmit ef exceed-action drop class COS2 bandwidth remaining percent 40 set ip dscp af31 queue-limit 256 packets service-policy MARK-BGP class COS3 bandwidth remaining percent 30 set ip dscp af21 queue-limit 256 packets class class-default bandwidth remaining percent 30 set ip dscp default queue-limit 256 packets policy-map OC3-SHAPE class class-default shape average 148224000 592896 account user-defined 3 service-policy COS ! ! interface GigabitEthernet0/0/0 description – Faces SBC ip address 172.22.16.1 255.255.255.0 load-interval 30 negotiation auto ! ! interface GigabitEthernet0/0/2
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 47
no ip address shutdown negotiation auto ! interface GigabitEthernet0/0/3 no ip address shutdown negotiation auto ! interface POS0/3/0 ip address 195.18.31.25 255.255.255.252 encapsulation ppp load-interval 30 crc 32 pos scramble-atm pos flag s1s0 2 service-policy output OC3-SHAPE hold-queue 1024 in hold-queue 4096 out ! router bgp 65000 bgp router-id 192.168.0.1 bgp log-neighbor-changes network 135.16.170.2 mask 255.255.255.255 network 32.252.97.40 mask 255.255.255.252 neighbor 195.18.31.26 remote-as 13979 neighbor 195.18.31.26 allowas-in no auto-summary ! ip route 135.16.170.2 255.255.255.255 172.22.16.2 *** Static Route to SBC*** ! ! ! ! ip access-list extended BGP permit tcp any eq bgp any permit tcp any any eq bgp ip access-list extended COS2-Traffic permit udp any any eq 2082 permit udp any eq 2082 any permit tcp any any eq www permit tcp any eq www any ip access-list extended COS3-Traffic permit udp any any eq 2083 permit udp any eq 2083 any permit tcp any any eq smtp permit tcp any eq smtp any ip access-list extended COS4-Traffic permit ip any any
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 48
ip access-list extended RTP permit udp any range 16384 32767 any range 16384 32767 ip access-list extended SCCP permit tcp any range 2000 2003 any permit tcp any any range 2000 2003 ip access-list extended SIP permit udp any eq 5060 any permit udp any any eq 5060 permit tcp any eq 5060 any permit tcp any any eq 5060 control-plane ! line con 0 exec-timeout 600 0 privilege level 15 login local stopbits 1 line aux 0 stopbits 1 line vty 0 4 exec-timeout 300 0 privilege level 15 login local ! ntp clock-period 17178884 ntp server 135.16.205.66 end
A.3 Sample Gigabit Ethernet Router Configuration
Current configuration : 8953 bytes ! ! Last configuration change at 15:22:42 EST Tue Feb 15 2011 by vinny ! NVRAM config last updated at 15:24:01 EST Tue Feb 15 2011 by vinny ! version 15.1 service timestamps debug datetime msec service timestamps log datetime msec no platform punt-keepalive disable-kernel-core ! hostname ASR-Vancouver ! boot-start-marker boot system flash bootflash:asr1000rp1-adventerprisek9.03.02.00.S.151-1.S1.bin boot-end-marker
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 49
! ! vrf definition Mgmt-intf ! address-family ipv4 exit-address-family ! address-family ipv6 exit-address-family ! enable password cisco ! no aaa new-model ! ! ! clock timezone EST -5 0 clock summer-time EDST recurring ip source-route ! no ip domain lookup ! multilink bundle-name authenticated ! ! ! ! ! username cisco password 0 cisco username admin password 0 cisco ! redundancy mode none ! ! ! ! class-map match-any BGP match access-group name BGP class-map match-any COS3 match access-group name COS3-Traffic class-map match-any COS2 match access-group name COS2-Traffic match access-group name BGP class-map match-any COS1 match access-group name RTP match access-group name SIP match access-group name SCCP ! policy-map MARK-BGP
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 50
class BGP set ip dscp cs6 policy-map COS class COS1 priority queue-limit 2048 packets police 700000000 87500000 conform-action set-dscp-transmit ef exceed-action drop class COS2 bandwidth remaining percent 40 set ip dscp af31 queue-limit 256 packets service-policy MARK-BGP class COS3 bandwidth remaining percent 30 set ip dscp af21 queue-limit 256 packets class class-default bandwidth remaining percent 30 set ip dscp default queue-limit 256 packets policy-map GIGE-SHAPE class class-default shape average 989952000 3959808 account user-defined 24 service-policy COS ! ! ! ! ! ! ! ! ! interface GigabitEthernet0/0/0 description – Faces SBC ip address 172.22.16.1 255.255.255.0 load-interval 30 negotiation auto ! interface GigabitEthernet0/0/1 description - Gig-Wan Link ip address 195.18.31.117 255.255.255.252 load-interval 30 negotiation auto service-policy output GIGE-SHAPE hold-queue 1024 in hold-queue 4096 out ! !
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 51
interface GigabitEthernet0/0/3 no ip address shutdown negotiation auto ! ! interface GigabitEthernet0 vrf forwarding Mgmt-intf no ip address shutdown negotiation auto ! router bgp 65000 bgp router-id 192.168.0.1 bgp log-neighbor-changes network 135.16.170.2 mask 255.255.255.255 network 32.252.97.40 mask 255.255.255.252 neighbor 195.18.31.118 remote-as 13979 neighbor 195.18.31.118 allowas-in ! ip route 135.16.170.2 255.255.255.255 172.22.16.2 *** Static Route to Cascaded TDM GW Loopback*** no ip http server no ip http secure-server ! ip access-list extended BGP permit tcp any eq bgp any permit tcp any any eq bgp ip access-list extended COS2-Traffic permit udp any any eq 2082 permit udp any eq 2082 any permit tcp any any eq www permit tcp any eq www any ip access-list extended COS3-Traffic permit udp any any eq 2083 permit udp any eq 2083 any permit tcp any any eq smtp permit tcp any eq smtp any ip access-list extended COS4-Traffic permit ip any any ip access-list extended RTP permit udp any range 16384 32767 any range 16384 32767 ip access-list extended SCCP permit tcp any range 2000 2003 any permit tcp any any range 2000 2003 ip access-list extended SIP permit udp any eq 5060 any
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 52
permit udp any any eq 5060 permit tcp any eq 5060 any permit tcp any any eq 5060 ! logging esm config cdp run ! ! ! control-plane ! ! ! line con 0 exec-timeout 600 0 privilege level 15 login local stopbits 1 line aux 0 stopbits 1 line vty 0 4 exec-timeout 300 0 privilege level 15 login local ! ntp clock-period 17176517 ntp server 135.16.205.66 end
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 53
A.4 Sample OC48 PPP Router Configuration – Port-Based COS (ASR 1004 / 1006 only)
version 15.1 service timestamps debug datetime msec service timestamps log datetime msec no platform punt-keepalive disable-kernel-core ! hostname ASR1006-Winnipeg ! boot-start-marker boot system flash bootflash:asr1000rp2-adventerprisek9.V151_3_S2_SR617255895_3.bin boot system flash bootflash:asr1000rp2-adventerprisek9.03.04.02.S.151-3.S2.bin boot-end-marker ! ! vrf definition Mgmt-intf ! address-family ipv4 exit-address-family ! address-family ipv6 exit-address-family ! enable password cisco ! no aaa new-model clock timezone EST -5 0 clock summer-time EDST recurring no ip source-route ! ! ! no ip domain lookup ! ! ! multilink bundle-name authenticated ! ! ! username cisco password 0 cisco ! redundancy mode sso ! ! ! ip tftp source-interface GigabitEthernet0
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 54
! class-map match-any BGP match access-group name BGP class-map match-any COS3 match access-group name COS3-Traffic class-map match-any COS2 match access-group name COS2-Traffic match access-group name BGP class-map match-any COS1 match access-group name RTP match access-group name SIP match access-group name SCCP ! policy-map MARK-BGP class BGP set ip dscp cs6 policy-map COS class COS1 priority queue-limit 16384 packets police 2156512000 269564000 conform-action set-dscp-transmit ef exceed-action drop class COS2 bandwidth remaining percent 40 account user-defined 5 set ip dscp af31 queue-limit 1024 packets service-policy MARK-BGP class COS3 bandwidth remaining percent 30 account user-defined 5 set ip dscp af21 queue-limit 1024 packets class class-default bandwidth remaining percent 30 account user-defined 5 set ip dscp default queue-limit 1024 packets policy-map OC48-SHAPE class class-default shape average 2372096000 9488384 account user-defined 5 service-policy COS ! ! ! interface POS0/1/0 description - OC48 Link To DCXRPE3 - POS0/5/1/0 ip address 195.18.32.29 255.255.255.252 encapsulation ppp load-interval 30 crc 32 pos scramble-atm pos flag s1s0 2 service-policy output OC48-SHAPE
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 55
hold-queue 1024 in hold-queue 16384 out ! interface TenGigabitEthernet1/0/0 description - Link to LAN ip address 172.41.0.1 255.255.0.0 load-interval 30 hold-queue 1024 in ! interface GigabitEthernet0 vrf forwarding Mgmt-intf no ip address shutdown negotiation auto ! router bgp 65000 bgp router-id 192.168.0.96 bgp log-neighbor-changes neighbor 195.18.32.30 remote-as 13979 ! address-family ipv4 network 172.41.0.0 network 192.168.0.96 mask 255.255.255.255 network 195.18.32.28 mask 255.255.255.252 neighbor 195.18.32.30 activate neighbor 195.18.32.30 allowas-in exit-address-family ! ip forward-protocol nd ! no ip http server no ip http secure-server ! ip access-list extended BGP permit tcp any eq bgp any permit tcp any any eq bgp ip access-list extended COS2-Traffic permit udp any any eq 2082 permit udp any eq 2082 any permit tcp any any eq www permit tcp any eq www any ip access-list extended COS3-Traffic permit udp any any eq 2083 permit udp any eq 2083 any permit tcp any any eq smtp permit tcp any eq smtp any ip access-list extended COS4-Traffic permit ip any any ip access-list extended RTP permit udp any range 16384 32767 any range 16384 32767
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 56
ip access-list extended SCCP permit tcp any range 2000 2003 any permit tcp any any range 2000 2003 ip access-list extended SIP permit udp any eq 5060 any permit udp any any eq 5060 permit tcp any eq 5060 any permit tcp any any eq 5060 ! ! ! control-plane ! ! ! ! line con 0 exec-timeout 600 0 login local stopbits 1 line aux 0 stopbits 1 line vty 0 4 exec-timeout 600 0 login local ! ntp source Loopback0 ntp server 135.16.205.66 end
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 57
A.5 Sample OC48 Frame Encap Config (multi-vrf) – Port-Based COS (ASR 1004 / 1006 only)
! version 15.1 service timestamps debug datetime msec service timestamps log datetime msec no platform punt-keepalive disable-kernel-core ! hostname ASR1006-Winnipeg ! boot-start-marker boot system flash bootflash:asr1000rp2-adventerprisek9.V151_3_S2_SR617255895_3.bin boot system flash bootflash:asr1000rp2-adventerprisek9.03.04.02.S.151-3.S2.bin boot-end-marker ! ! vrf definition Mgmt-intf ! address-family ipv4 exit-address-family ! address-family ipv6 exit-address-family ! enable password cisco ! no aaa new-model clock timezone EST -5 0 clock summer-time EDST recurring no ip source-route ! ! ! no ip domain lookup ! ! ! multilink bundle-name authenticated ! ! ! username cisco password 0 cisco ! redundancy mode sso
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 58
! ! ! ip tftp source-interface GigabitEthernet0 ! class-map match-any BGP match access-group name BGP class-map match-any COS3 match access-group name COS3-Traffic class-map match-any COS2 match access-group name COS2-Traffic match access-group name BGP class-map match-any COS1 match access-group name RTP match access-group name SIP match access-group name SCCP ! policy-map MARK-BGP class BGP set ip dscp cs6 policy-map COS class COS1 priority queue-limit 16384 packets police 2156512000 269564000 conform-action set-dscp-transmit ef exceed-action drop class COS2 bandwidth remaining percent 40 account user-defined 5 set ip dscp af31 queue-limit 1024 packets service-policy MARK-BGP class COS3 bandwidth remaining percent 30 account user-defined 5 set ip dscp af21 queue-limit 1024 packets class class-default bandwidth remaining percent 30 account user-defined 5 set ip dscp default queue-limit 1024 packets policy-map OC48-SHAPE class class-default shape average 2372096000 9488384 account user-defined 5 service-policy COS ! ! ! ! ! interface POS0/1/0 description - OC48 Link To DCXRPE3 - POS0/5/1/0 no ip address
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 59
encapsulation frame-relay load-interval 30 crc 32 pos scramble-atm pos flag s1s0 2 frame-relay lmi-type ansi service-policy output OC48-SHAPE hold-queue 1024 in hold-queue 16384 out ! interface POS0/1/0.100 point-to-point description – Logical Channel#1 To Voice VRF ip address 195.18.32.45 255.255.255.252 frame-relay interface-dlci 100 ! interface POS0/1/0.105 point-to-point description – Logical Channel #2 To Data VRF ip address 195.18.32.49 255.255.255.252 frame-relay interface-dlci 105 ! interface TenGigabitEthernet1/0/0 description - Link To LAN ip address 172.42.1.1 255.255.0.0 secondary ip address 172.41.0.1 255.255.0.0 ip policy route-map Outbound_PBR_map load-interval 30 hold-queue 1024 in ! interface GigabitEthernet0 vrf forwarding Mgmt-intf ip address 10.10.27.96 255.255.255.0 speed 100 no negotiation auto ! router bgp 65000 bgp router-id 192.168.0.96 bgp log-neighbor-changes neighbor 195.18.32.46 remote-as 13979 neighbor 195.18.32.50 remote-as 13979 ! address-family ipv4 network 172.41.0.0 network 172.42.0.0 network 192.168.0.96 mask 255.255.255.255 network 195.18.32.44 mask 255.255.255.252 network 195.18.32.48 mask 255.255.255.252 neighbor 195.18.32.46 activate neighbor 195.18.32.46 allowas-in neighbor 195.18.32.46 route-map Advertised_Customer_Networks_voice_vrf out neighbor 195.18.32.50 activate
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 60
neighbor 195.18.32.50 allowas-in neighbor 195.18.32.50 route-map Advertised_Customer_Networks_data_vrf out exit-address-family ! ip forward-protocol nd ! no ip http server no ip http secure-server ip route vrf Mgmt-intf 0.0.0.0 0.0.0.0 10.10.27.1 ! ip access-list extended BGP permit tcp any eq bgp any permit tcp any any eq bgp ip access-list extended COS2-Traffic permit udp any any eq 2082 permit udp any eq 2082 any permit tcp any any eq www permit tcp any eq www any ip access-list extended COS3-Traffic permit udp any any eq 2083 permit udp any eq 2083 any permit tcp any any eq smtp permit tcp any eq smtp any ip access-list extended COS4-Traffic permit ip any any ip access-list extended RTP permit udp any range 16384 32767 any range 16384 32767 ip access-list extended SCCP permit tcp any range 2000 2003 any permit tcp any any range 2000 2003 ip access-list extended SIP permit udp any eq 5060 any permit udp any any eq 5060 permit tcp any eq 5060 any permit tcp any any eq 5060 ! ! ip prefix-list voice_vrf description - Advertised Networks For voice VRF ip prefix-list voice_vrf seq 5 permit 192.168.0.96/32 ip prefix-list voice_vrf seq 10 permit 172.41.0.0/16 ! ip prefix-list data_vrf description - Advertised Networks For data VRF ip prefix-list data_vrf seq 5 permit 172.42.0.0/16 access-list 101 permit ip 172.41.0.0 0.0.255.255 any access-list 101 permit ip host 192.168.0.96 any access-list 102 permit ip 172.42.0.0 0.0.255.255 any ! route-map Outbound_PBR_map permit 10 match ip address 101 set ip next-hop 195.18.32.46
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 61
! route-map Outbound_PBR_map permit 20 match ip address 102 set ip next-hop 195.18.32.50 ! route-map Advertised_Customer_Networks_data_vrf permit 10 match ip address prefix-list data_vrf ! route-map Advertised_Customer_Networks_voice_vrf permit 10 match ip address prefix-list voice_vrf ! ! ! control-plane ! ! ! ! ! line con 0 exec-timeout 600 0 login local stopbits 1 line aux 0 stopbits 1 line vty 0 4 exec-timeout 600 0 login local ! ntp source Loopback0 ntp server 135.16.205.66 end
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 62
A.6 Sample 10Gig Ethernet Router Configuration – PVC-Based COS (ASR1004 / 1006 only)
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
!
hostname ASR1006-Winnipeg
!
boot-start-marker
boot system flash bootflash:asr1000rp2-adventerprisek9.V151_3_S2_SR617255895_3.bin
boot system flash bootflash:asr1000rp2-adventerprisek9.03.04.02.S.151-3.S2.bin
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
enable password cisco
!
no aaa new-model
clock timezone EST -5 0
clock summer-time EDST recurring
no ip source-route
!
!
!
no ip domain lookup
!
!
!
multilink bundle-name authenticated
!
!
!
username cisco password 0 cisco
!
redundancy
mode sso
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 63
!
!
!
ip tftp source-interface GigabitEthernet0
!
class-map match-any BGP
match access-group name BGP
class-map match-any COS3
match access-group name COS3-Traffic
class-map match-any COS2
match access-group name COS2-Traffic
match access-group name BGP
class-map match-any COS1
match access-group name RTP
match access-group name SIP
match access-group name SCCP
!
policy-map MARK-BGP
class BGP
set ip dscp cs6
policy-map 10Gig-COS
class COS1
priority
queue-limit 16384 packets
police 1750000000 218750000 conform-action set-dscp-transmit ef exceed-action drop
class COS2
bandwidth remaining percent 40 account user-defined 24
set ip dscp af31
queue-limit 1024 packets
service-policy MARK-BGP
class COS3
bandwidth remaining percent 30 account user-defined 24
set ip dscp af21
queue-limit 1024 packets
class class-default
bandwidth remaining percent 30 account user-defined 24
set ip dscp default
queue-limit 1024 packets
policy-map 10Gig-SHAPE
class class-default
shape average 2474944000 9899776 account user-defined 24
service-policy 10Gig-COS
!
!
!
!
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 64
interface TenGigabitEthernet0/0/0
description - 10GIG-WAN Link To CHPJAR1 - XE-5/0/0
no ip address
load-interval 30
hold-queue 2048 in
hold-queue 16384 out
!
interface TenGigabitEthernet0/0/0.550
description Link To CHPJAR1 - 2.5G VPN - xe-5/0/0.550
encapsulation dot1Q 550
ip address 195.18.32.33 255.255.255.252
service-policy output 10Gig-SHAPE
!
interface TenGigabitEthernet1/0/0
description - Link to LAN
ip address 172.41.0.1 255.255.0.0
load-interval 30
hold-queue 1024 in
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
no ip address
shutdown
negotiation auto
!
router bgp 65000
bgp router-id 192.168.0.96
bgp log-neighbor-changes
neighbor 195.18.32.30 remote-as 13979
!
address-family ipv4
network 172.41.0.0
network 192.168.0.96 mask 255.255.255.255
network 195.18.32.28 mask 255.255.255.252
neighbor 195.18.32.30 activate
neighbor 195.18.32.30 allowas-in
exit-address-family
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip access-list extended BGP
permit tcp any eq bgp any
permit tcp any any eq bgp
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 65
ip access-list extended COS2-Traffic
permit udp any any eq 2082
permit udp any eq 2082 any
permit tcp any any eq www
permit tcp any eq www any
ip access-list extended COS3-Traffic
permit udp any any eq 2083
permit udp any eq 2083 any
permit tcp any any eq smtp
permit tcp any eq smtp any
ip access-list extended COS4-Traffic
permit ip any any
ip access-list extended RTP
permit udp any range 16384 32767 any range 16384 32767
ip access-list extended SCCP
permit tcp any range 2000 2003 any
permit tcp any any range 2000 2003
ip access-list extended SIP
permit udp any eq 5060 any
permit udp any any eq 5060
permit tcp any eq 5060 any
permit tcp any any eq 5060
!
cdp run
!
!
!
control-plane
!
!
!
!
line con 0
exec-timeout 600 0
login local
stopbits 1
line aux 0
stopbits 1
line vty 0 4
exec-timeout 600 0
login local
!
ntp source Loopback0
ntp server 135.16.205.66
end
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 66
Appendix B: Inbound Alternate Routing The Inbound Alternate Routing [IAR] feature enhances AT&T IP Flexible Reach service by providing customers the capability to have an alternate way to complete calls for the purpose of adding a backup path. With the IAR feature, we define a primary site as a site that is an AT&T IP Flexible Reach location with an active dial plan and is defined with the appropriate calling plan. We define a secondary site (alternate route site) where calls will be routed to in the case where the primary site is unavailable. The secondary site would mirror the dial plan of the primary site. IAR will be triggered based on the following conditions - 1. No response from the primary site, triggering a time-out (SIP error 408) 2. Error conditions that result in call failure 3. Concurrent call limit has been reached (IPBE signals a SIP error 503). 4. Network Busy (also a SIP 503). 5. Busy out of the trunks at TDM/IP PBX signaling a SIP error 503.
Appendix C: Branch Office Extension (BOE) C.1 Introduction to BOE
The configuration information in this CCG assumes a single primary CER. Any use by customers of alternate routing configurations or remote branch connectivity to other sites within the same or other AT&T VPN requires proper configuration of the signaling and media paths of the primary CER per this CCG so the AT&T IP Flexible Reach Service on AT&T VPN service works properly. The routing configurations in other customer routers needs to be set up to assure that the routing in their primary CER is not affected. Contact your AT&T technical sales team for further advice in these cases.
While AT&T BVoIP service offers multiple calling plans, the Branch Office IP PBX Extensions capability is supported with two calling plans: Local and Long Distance (plan B) and Local and Long Distance Package (plan C). AT&T IP Flexible Reach Service on AT&T VPN with Branch Office IP PBX Extensions option provides the capability to deliver telephone numbers for all the Branch Office sites supported by customer’s single centralized IP PBX. This configuration uses the IP PBX to support IP phones in a "plug-and-play" manner and does not require any additional premises-based hardware. The customer is able to use the AT&T VPN network or their existing data network to distribute calls to their branch office sites and
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 67
normal local calling capability can be assigned. Only Branch Office sites with fixed locations are supported by the option. AT&T collects the address data on the Branch Office site so the appropriate directory listing, taxing, regulatory fees, E911 and telephone number (TN) assignments can be associated with the Branch Office site. Branch office sites must be within the footprint of AT&T’s BVoIP local service area for AT&T BVoIP with Calling Plans B or C. The customer must provide correct information to AT&T regarding the address and telephone numbers of its Branch Offices and customer’s IP PBX must transmit the necessary address information to permit AT&T to route Branch Office E911 calls to the proper PSAP. Customers choose the calling capacity they require in units of Concurrent Calls which are similar to simultaneous calls and can be engineered using standard voice traffic tools (including Class of Service considerations or by using the customer’s existing voice channel capacity).
The components required for the service include:
An existing AT&T VoIP router at the hub site connected via AT&T VPN as the underlying transport service
A branch office site that may be connected via either 1) AT&T VPN as the underlying transport service or 2) private customer data network.
Outbound voice and fax calling is supported between:
-enabled locations (On-net)
-net) Inbound service from the PSTN is supported with Calling Plans B or C. Note that the management and maintenance of the Branch Office site and router is the responsibility of the customer. AT&T support for data transmission for AT&T Flexible Reach ends at the customer's IP PBX.
Branch Office site
The branch office site is defined as a site on the customer data network with IP phones. If the IP phones at the Branch Office site need access to AT&T IP Flexible Reach Service on AT&T VPN, then the Branch Office will be defined as having as having Branch Office IP PBX Extensions service. A Branch Office site with Internet access is not supported unless end-end IP VPN tunneling is used. A branch office site may be connected via either 1) AT&T VPN as the underlying transport service or 2) private customer data network.
Note: The branch office must have an IP route to the hub site in order for signaling and media to be exchanged.
Hub site
The hub site is the client’s centralized IP PBX Flexible Reach site. The hub site will have a customer managed CER connected to the AT&T VPN as the underlying transport service. The customer may reach the remote branch office sites via this CER (over the AT&T VPN as the underlying transport service) or they can deploy a second customer managed router that provides their own connectivity to the customer’s data network.
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 68
Important Note: The number of concurrent calls at the Hub site must be engineered for all voice traffic originating and terminating at the Hub and Branch Office sites. Concurrent calls are the number of VoIP calls expected to occur at the same time at the Hub site. Be aware if BOE calls are hairpinned through the existing hub site router over the AT&T VPN as the underlying transport service, then the bandwidth required at the hub site for the BOE calls must be doubled (as the RTP for a BOE call traverses the WAN at the hub site twice). Also it is important to take growth at the BOE sites in mind when determining bandwidth requirements.
If the number of concurrent calls needs to be increased, a separate order must be places and completed prior to initiating the Branch Office order.
See section 2.1.2 for Bandwidth Per Call Requirements.
Note: The hub office must have an IP route to the branch office site in order for signaling and media to be exchanged.
Copyright © 2006 AT&T. All rights Reserved.
Call Flow
• 1) Phone dials VoIP customer at 201-555 2000
• 2) LEC passes call to LNS
• 3) VoIP network establishes path to hub site
• 4) Customer Edge Router sends call to IP PBX
• 5) IP PBX signals connection to handset at branch office site via AT&T VPN AS THE UNDERLYING TRANSPORT SERVICE (call rerouted out AT&T VPN AS THE UNDERLYING TRANSPORT SERVICE connection)
• 6) Phone rings and call is established
CCE CCE CCE CCE CCE CCE CCE
IP BE IP BE IP BE Customer
Edge Router/ IP Flexible Reach Site
VoIP IP Local Site Hub Site – New Brunswcik
732-555-7000 8000 201-555-6000 8000
908-555-2000 7000
AT&T BVoIP Network
Client
Router
Remote Branch Site Union
732-555-2000 7000
(4 )
(6)
(3)
(2)
(5)
Client Router
IP Phones
AT&T VPN AS THE
UNDERLYING TRANSPORT
SERVICE
PRI
IP BE
LEC
PSTN
LNS
ALI PSAP
911 Tandem
IP BE IP BE IP BE NGBE
AT&T BVoIP Branch Office Extension (BOE) using AT&T VPN AS THE UNDERLYING TRANSPORT SERVICE network to connect to BOE site:
(1)
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 69
C.2 Implementation Checklist
1) If porting in telephone numbers from another carrier, please ensure that site(s) will be ready on the date of the scheduled service activation:
a. Failure to ensure that the site is ready on the activation date will result in an out-of-service condition for the ported telephone numbers.
b. If a delay in activation is required for any reason, contact AT&T at least five business days prior to the service activation.
2) The Customer Administrator should verify that the Branch Office site can communicate to the hub site by placing test telephone and fax calls.
a. Ensure that the Branch Office is able to make a call to the hub site. (Note: If this does not work, the customer needs to contact their local or third-party data and voice network administrator)
b. Ensure that the hub site is able to make a call to the Branch Office. (Note: If this does not work, the customer needs to contact their local or third-party data and voice network administrator.)
c. Ensure that the hub site is able to make a Long Distance call.
Copyright © 2006 AT&T. All rights Reserved.
Call Flow
• 1) Phone dials VoIP customer at 201-555 2000
• 2) LEC passes call to LNS
• 3) VoIP network establishes path to hub site
• 4) Customer Edge Router sends call to IP PBX
• 5) IP PBX establishes connection to handset via client data network
• 6) Phone rings and call is established
CCE CCE CCE CCE CCE CCE CCE
IP BE IP BE IP BE Customer
Edge Router/ IP Flexible Reach Site
VoIP IP Local Site Hub Site – New Brunswcik
732-555-7000 8000 201-555-6000 8000 908-555-2000 7000
AT&T BVoIP Network
Client Router
Remote Branch Site Union
732-555-2000 7000
Remote Branch Site Hoboken
201-555-6000 8000
IP Phones
(4 )
(6)
(3)
(2)
(5)
Client Router
Client
Router
IP Phones
AT&T VPN AS THE
UNDERLYING TRANSPORT
SERVICE
PRI
IP BE
LEC
PSTN
LNS
ALI PSAP
911 Tandem
Client Data Network
IP BE IP BE IP BE NGBE
AT&T BVoIP Branch Office Extension (BOE) using Client Data Network to connect to BOE site:
(1)
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 70
3) Make sure the proper bandwidth is in place for the amount of concurrent calls required.
4) The customer is responsible for testing all the Branch Office locations after the service activation is done. Customer Administrator is responsible for performing self testing that will include placing test telephone and fax calls to on-net VoIP sites and to off-net numbers.
Special Note for site with Avaya Communications Manager if IP phones are PATed at the CER: The private IP address space of the additional BOE IP phones must be added to the access list referenced to in the PAT statement to ensure the phones are translated to a public IP address.
C.3 Emergency Services AT&T Flexible Reach service plans B and C, including Branch Office IP PBX Extensions, are limited to locations where AT&T can provide 911/E911 service. The 911 service provided is based on the site registered location information provided to AT&T by the customer. The customer must provide AT&T with the correct business name and address information for each AT&T IP Flexible Reach Service on AT&T VPN location including all Branch Offices. The customer must also ensure that AT&T BVoIP telephone numbers are assigned to the appropriate service location (identified during service ordering) and not assigned or used from another service location.
The customer premises equipment should be configured to use the telephone number of the phone device making the 911 call as the calling party number. This ensures both, AT&T will route the call to the appropriate public emergency service agency and that the correct address information will be displayed to emergency service agent handling the call. In addition, should the call be terminated inadvertently the agent will have a call back number to re-establish communication with the person seeking emergency services.
Should the customer choose to configure premises equipment to send a single telephone number as the calling party number on all 911 calls originating from a particular site, the customer must ensure the calling party number used is an AT&T BVoIP telephone number assigned to the site and the telephone is manned to handle potential call back from the emergency service agent.
C.4 Troubleshooting
If the customer is not able to make calls, then perform the following steps:
Ensure that the Branch Office is able to make a call to the hub site.
o If the above step is not successful, the customer needs to contact their local or third-party data and voice network administrator.
Ensure that the hub site is able to make a call to the Branch Office.
o If the above step is not successful, the customer needs to contact their local or third-party data and voice network administrator.
Ensure that the hub site is able to make a Long Distance call.
o If the above step is not successful, the customer needs to contact AT&T Professional Services by contacting your sales representative.
Ensure that the Branch Office is able to make an offnet call.
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 71
o If the above step is not successful, then ping and trace from the Branch Office to the router at the Hub site. Check to see where the trace stops and contact the local Administrator to check ACL on corresponding routers and/or firewalls.
If the above test calls work, the customer will be able to make off-net calls from the Branch
Office. The number of simultaneous calls from Branch Office and hub site are subject to the purchased Concurrent Call limit.
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 72
Appendix D: Acronyms
Acronym Translation
ADSL Asymmetric Digital Subscriber Line
AIM Advanced Integration Module A
AS Autonomous System
ASR Aggregation Services Router
ATM Asynchronous Transfer Mode
AT&T VPN AT&T Virtual Private Network
BC Committed Burst
BE Excess Burst or Best Effort
BGP Border Gateway Protocol
BH Bursty High
BL Bursty Low
BOE Branch Office Extension
BVoIP Business Voice over Internet Protocol
CAS Channel Associated Signaling
CBWFQ Class Based Weighted Fair Queuing
CCG Customer Configuration Guide
CCS Common Channel Signaling
CDR Committed Data Rate
CEF Cisco Express Forwarding
CER Customer Edge Router
CHAP Challenge Handshake Authentication Protocol
CIR Committed Information Rate
CLI Command Line Interface
CM Communications Manager
COS Class of Service
CPE Customer Premise Equipment
CPU Central Processing Unit
CRC Cyclic Redundancy Check
CRTP Compress Real Time Protocol
CSU/DSU Channel Service Unit / Data Service Unit
CUBE Cisco Unified Border Element
CUCM Cisco Unified Communications Manager
DID Direct Inward Dial
DS Down Stream
DSCP Differentiated Service Code Point
DSL Digital Subscriber Line
DSP Digital Signal Processors
DTMF Dual Tone Multi Frequency
E&M Ear & Mouth
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 73
Acronym Translation
EF Expedient Forwarding
ePVC Enhanced Permanent Virtual Circuit
FR Frame Relay
FXO Foreign Exchange Office
FXS Foreign Exchange Station
GSM FR Global System for Mobile communications Full Rate
HDV High Density Voice
HWIC High-speed WAN Interface Card
IAR Inbound Alternate Routing
IETF Internet Engineering Task Force
IMA Inverse Multiplexing over ATM
IOS Internetwork Operation System
IP Internet Protocol
IPBE Internet Protocol Border Element
IPSEC Internet Protocol Security
ISR Integrated Services Router
ITU-T International Telecommunication Union - Telecommunications
GW Gateway
LAN Local Area Network
LFI Link Fragmentation and Interleaving
LLQ Low Latency Queuing
LD Long Distance
MLPPP Multi-Link Point-to-Point Protocol
MM Multi Media
MOW Most Of World
MTU Maximum Transmission Unit
NAT Network Address Translation
NET Network Equipment Technologies
NM Network Module
NPE Network Processing Engine
OAM Operation Administration & Maintenance
OCS Office Communication Server
PA Port Adapter
PAT Port Address Translation
PBX Private Branch Exchange
PC Personal Computer
PCR Peak Cell Rate
PER Provider Edge Router
POS Packet over SONET
POTS Plain Old Telephone Service
PPP Point-to-Point Protocol
PQ Priority Queue
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 74
Acronym Translation
PRI Primary Rate Interface
PSAP Public Safety Answering Point
PSTN Public Switched Telephone Network
PVC Permanent Virtual Circuit
PVDM Packet Voice DSP Module
QOS Quality of Service
QSIG Q Signaling
RC Receive
RFC Request for Comment
RT Real Time
RTCP Real Time Control Protocol
RTP Real Time Protocol
SBC Session Border Controller
SCCP Skinny Call Control Protocol
SCR Sustainable Cell Rate
SHDSL Single-Pair High-Speed Digital Subscriber Line
SIP Session Initiation Protocol
SM Session Manager
SPE Synchronous Payload Envelope
TAC Technical Assistance Center
TC Time Interval
TDM Time Division Multiplexing
TN Telephone Number
TX Transmit
UDP User Datagram Protocol
US Up Stream or United States
VAD Voice Activity Detection
VCI Virtual Circuit Identifier
VLAN Virtual Local Area Network
VNI Voice Network Infrastructure
VoIP Voice over Internet Protocol
VPI Virtual Path Identifier
VPN Virtual Private Network
VT Virtual Template
WAN Wide Area Network
WFQ Weighted Fair Queuing
WIC WAN Interface Card
AT&T IP Flexible Reach Service and/or AT&T IP Toll-Free on AT&T VPN
ASR 1001, 1002, 1002X 1004, 1006 Customer Configuration Guide (Nov. 25, 2015, Version 2.5)
Page 75
This Customer Configuration Guide ("CCG") is offered as a convenience to AT&T's customers. The specifications and information regarding the product in this CCG are subject to change without notice. All statements, information, and recommendations in this CCG are believed to be accurate but are presented without warranty of any kind, express or implied, and are provided “AS IS”. Users must take full responsibility for the application of the specifications and information in this CCG. In no event shall AT&T or its suppliers be liable for any indirect, special, consequential, or incidental damages, including, without limitation, lost profits or loss or damage arising out of the use or inability to use this CCG, even if AT&T or its suppliers have been advised of the possibility of such damage.